From Titan Rain to GhostNet to Aurora the internet threat landscape has been changing. The teenage hackers of 10 years ago are the intelligence service agents and operators of today, and may be the policy makers and strategic planners of the future. In this age of coordinated, sophisticated attacks we must change with the times and respond with equal sophistication. Many see this as a move towards a threat centric model of network security, but I'll argue one better. This should be the impetus for organizations to move to an intelligence centric model of network security. The intelligence process is one of the oldest diciplines there is and the start of answers to many of our problems aren't necessarily rooted in the security appliance du jour but in wisdom that goes back to Sun Tzu and the Great Game. To jumpstart your move into becoming the James Bond of your own network I'll be going over some of the fundamental facets of intelligence; the taxonomy, lifecycle, items to look for, and how to make use of them. PP7 and Aston Martin not included.
Scott J Roberts read way too many spy novels as a kid. He followed this up by watching far too many hacking movies as a teenager. Amazingly enough he managed to combine these things as a career working in Cyber Threat Intelligence and SOC operations. He also enjoys teaching these things, since really wishes there were more smart people doing these things.